Skip to content

fix(oauth-provider): fix dist declaration type errors#8701

Merged
himself65 merged 1 commit intobetter-auth:canaryfrom
gustavovalverde:fix/oauth-provider-dist-types
Mar 20, 2026
Merged

fix(oauth-provider): fix dist declaration type errors#8701
himself65 merged 1 commit intobetter-auth:canaryfrom
gustavovalverde:fix/oauth-provider-dist-types

Conversation

@gustavovalverde
Copy link
Contributor

@gustavovalverde gustavovalverde commented Mar 20, 2026
edited
Loading

Summary

The oauth-provider package has 8 type errors in its emitted .d.mts declarations that are invisible during development but break external consumers. This PR fixes them and adds CI validation to prevent regressions.

Why these errors are hidden

The monorepo uses customConditions: ["dev-source"] in tsconfig.base.json, which resolves workspace imports to source .ts files instead of built dist/ output:

// tsconfig.base.json
"customConditions": ["dev-source"]

Each package exports a dev-source condition:

"dev-source": "./src/index.ts"

So pnpm typecheck (root tsc --build) resolves all cross-package imports to source — types are always consistent. But the published dist declarations have real type issues.

Scenario What TypeScript sees Result
Root tsc --build Source .ts via dev-source Passes
Package-level tsc --noEmit Source with dist deps (no build mode) 8 errors
External consumer via npm Dist .d.mts files Broken types

Commit 1: Fix the 8 type errors

  1. client-resource.ts (5 errors) — auth?.options.baseURL typed as BaseURLConfig (includes DynamicBaseURLConfig) in dist. Fix: narrow to string | undefined with a typeof check.

  2. consent.ts (1 error) — ctx.context.postLogin doesn't exist on dist AuthContext (dynamically added at runtime). Fix: cast to Record<string, unknown>.

  3. register.ts (1 error) — redirect_uris typed as string[] | undefined in dist, assigned to string[]. Fix: default to [].

  4. utils/index.ts (1 error) — BetterAuthError("jwt_config", "jwt plugin not found") — second arg is a string but constructor expects { cause?: unknown }. Silently ignored at runtime. Fix: drop invalid second arg.

Commit 2: Add dist declaration CI check

Adds tsconfig.dist-check.json at the repo root that:

  • Clears customConditions (disables dev-source resolution)
  • Sets composite: false + noEmit: true
  • Includes all downstream package sources, excluding better-auth, core, and electron (top-level packages that can't be dist-checked against themselves due to module augmentation conflicts)

Available locally via pnpm typecheck:dist and runs in CI after the build step.

How to reproduce

pnpm build
pnpm typecheck:dist  # Should pass (0 errors with this PR)

# Without this PR's fixes:
git stash
pnpm typecheck:dist  # Shows 8 oauth-provider errors

Test plan

  • pnpm typecheck (root, dev-source) still passes
  • pnpm lint passes
  • pnpm typecheck:dist — 0 errors (was 8)
  • 216/216 oauth-provider tests pass

@gustavovalverde
fix(oauth-provider): fix dist declaration type errors
554d0b5 
The monorepo uses `customConditions: ["dev-source"]` in
tsconfig.base.json, which resolves workspace imports to source `.ts`
files during `tsc --build`. This means the root `pnpm typecheck`
never validates the emitted `.d.mts` declarations from `tsdown`.

When consumers import `@better-auth/oauth-provider` via the published
dist output (or when typechecking from within the package), 8 type
errors surface because the emitted declarations lose type narrowing
that the source code relies on.

Fixes:
- client-resource.ts: narrow `baseURL` to `string | undefined` since
  `DynamicBaseURLConfig` cannot be used as a static issuer/audience
- consent.ts: cast context to `Record<string, unknown>` for the
  dynamically-added `postLogin` property
- register.ts: default `redirect_uris` to `[]` instead of `undefined`
- utils/index.ts: drop invalid second string arg from BetterAuthError
  (constructor signature is `(message, options?)` not `(code, message)`)
Copilot AI review requested due to automatic review settings March 20, 2026 00:20
@vercel
Copy link

vercel bot commented Mar 20, 2026

@gustavovalverde is attempting to deploy a commit to the better-auth Team on Vercel.

A member of the Team first needs to authorize it.

@pkg-pr-new
Copy link

pkg-pr-new bot commented Mar 20, 2026

Open in StackBlitz

@better-auth/api-key

npm i https://pkg.pr.new/@better-auth/api-key@8701

better-auth

npm i https://pkg.pr.new/better-auth@8701

auth

npm i https://pkg.pr.new/auth@8701

@better-auth/core

npm i https://pkg.pr.new/@better-auth/core@8701

@better-auth/drizzle-adapter

npm i https://pkg.pr.new/@better-auth/drizzle-adapter@8701

@better-auth/electron

npm i https://pkg.pr.new/@better-auth/electron@8701

@better-auth/expo

npm i https://pkg.pr.new/@better-auth/expo@8701

@better-auth/i18n

npm i https://pkg.pr.new/@better-auth/i18n@8701

@better-auth/kysely-adapter

npm i https://pkg.pr.new/@better-auth/kysely-adapter@8701

@better-auth/memory-adapter

npm i https://pkg.pr.new/@better-auth/memory-adapter@8701

@better-auth/mongo-adapter

npm i https://pkg.pr.new/@better-auth/mongo-adapter@8701

@better-auth/oauth-provider

npm i https://pkg.pr.new/@better-auth/oauth-provider@8701

@better-auth/passkey

npm i https://pkg.pr.new/@better-auth/passkey@8701

@better-auth/prisma-adapter

npm i https://pkg.pr.new/@better-auth/prisma-adapter@8701

@better-auth/redis-storage

npm i https://pkg.pr.new/@better-auth/redis-storage@8701

@better-auth/scim

npm i https://pkg.pr.new/@better-auth/scim@8701

@better-auth/sso

npm i https://pkg.pr.new/@better-auth/sso@8701

@better-auth/stripe

npm i https://pkg.pr.new/@better-auth/stripe@8701

@better-auth/telemetry

npm i https://pkg.pr.new/@better-auth/telemetry@8701

@better-auth/test-utils

npm i https://pkg.pr.new/@better-auth/test-utils@8701

commit: 554d0b5

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Mar 20, 2026
View reviewed changes
Copy link
Contributor

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 4 files

Copilot AI reviewed Mar 20, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Fixes TypeScript declaration (.d.mts) type errors in the published oauth-provider package that don’t show up in monorepo development due to dev-source conditional exports, improving compatibility for external consumers importing from dist.

Changes:

  • Fix invalid BetterAuthError constructor usage in getJwtPlugin.
  • Ensure redirect_uris is always a string[] in schemaToOAuth output.
  • Avoid relying on non-string baseURL configs by narrowing to string | undefined in the resource client.
  • Avoid assigning an undeclared property on AuthContext by casting before setting postLogin.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

File Description
packages/oauth-provider/src/utils/index.ts Removes invalid second BetterAuthError argument to fix emitted declaration typing.
packages/oauth-provider/src/register.ts Defaults redirect_uris to [] to satisfy required array type in emitted declarations.
packages/oauth-provider/src/consent.ts Casts context before setting postLogin to avoid dist type errors.
packages/oauth-provider/src/client-resource.ts Narrows auth.options.baseURL to a static string before using as issuer/audience.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@himself65 himself65 added this pull request to the merge queue Mar 20, 2026
Merged via the queue into better-auth:canary with commit c41fa04 Mar 20, 2026
25 of 28 checks passed
gustavovalverde added a commit to gustavovalverde/better-auth that referenced this pull request Mar 20, 2026
@gustavovalverde
ci: add dist declaration typecheck to CI
e77e56e 
Add `typecheck:dist` that validates package source against workspace
dependencies' dist declarations instead of source (disables the
`dev-source` custom condition). This catches type errors that `pnpm
typecheck` misses due to `customConditions: ["dev-source"]` resolving
all imports to source `.ts` files.

Excludes `better-auth`, `core`, and `electron` source from the check
because their `declare module` augmentations conflict with their own
dist augmentations when both are visible to the compiler.

Context: see better-auth#8701 for the full explanation of the `dev-source`
masking issue.
@gustavovalverde gustavovalverde mentioned this pull request Mar 20, 2026
Merged
himself65 pushed a commit that referenced this pull request Mar 20, 2026
@gustavovalverde @himself65
fix(oauth-provider): fix dist declaration type errors (#8701)
138666f
@himself65 himself65 mentioned this pull request Mar 20, 2026
Merged
himself65 pushed a commit that referenced this pull request Mar 20, 2026
@gustavovalverde @himself65
fix(oauth-provider): fix dist declaration type errors (#8701)
ec79fa2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

@Bekacru Bekacru Awaiting requested review from Bekacru Bekacru is a code owner

+1 more reviewer

@himself65 himself65 himself65 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@gustavovalverde @himself65